Privacy Policy
Personal Information
The Privacy Act sets out the information that it protects.
Personal information generally means information or an opinion about a person, where the person is identified or is reasonably identifiable.
Sensitive information means a person’s health information, genetic information, certain biometric information and biometric templates. It also means certain personal information, being an opinion about a person’s:
-
racial or ethnic origin;
-
political opinions;
-
membership of a political association;
-
religious beliefs or affiliations;
-
philosophical beliefs;
-
membership of a professional or trade association;
-
membership of a trade union;
-
sexual orientation or practices;
-
or criminal record
Where in this Privacy Policy we refer to personal information, unless the context requires otherwise that is a reference to both personal information and sensitive information.
Personal information collected and held
Vistec Software Pty Ltd only collects and holds personal information that is relevant to, and reasonably necessary for, the services we provide to you and your customers. In addition, we only collect sensitive information if you consent, or in specific circumstances set down in the Australian Privacy Principles.
The kind of information we will be likely to collect and hold includes your name, address and contact details, tax file number, superannuation information and your date of birth.
Consequences of not providing your personal information
You are not obliged to give us your personal information. However, if you decide not to give us information needed in order to provide you with services, we may not be able to provide those services to you.
How your personal information is collected and held
Vistec Software Pty Ltd must collect personal information only by lawful and fair means.
When we collect personal information about you, we will tell you why it is being collected, the organisations, or the types of organisations, to whom we usually disclose that kind of information, any law that requires the information to be collected, and the main consequences for you if the information (or part of the information) is not provided. We will also give you our contact details and tell you about how you can access the information.
Vistec Software Pty Ltd utilises a web based client relationship management tool called Microsoft Dynamics 365 that stores its data in Australia. In addition, Vistec Software Pty Ltd uses the Microsoft Office 365 operating system, and the cloud computing service Microsoft Azure. Portions of your data may be stored through these systems.
Microsoft have confirmed that data is stored partly in Australia and partially in the United States. We have attached a link to the Microsoft Privacy Policy for your information: https://privacy.microsoft.com/en-ca/privacystatement
How your personal information is used
Personal information is collected and held so that Vistec Software Pty Ltd can provide you with services you request. This is known as the “primary purpose” for collecting and holding personal information.
We cannot use or disclose your personal information for any secondary purposes unless certain circumstances apply.
We can use or disclose personal information for a secondary purpose where you give us your consent to do so, or where:
-
the secondary purpose is related to the primary purpose (where the information is sensitive information, it must be directly related to the primary purpose); and
-
you would reasonably expect us to use or disclose the information for the secondary purpose.
The types of secondary purposes for which we would ordinarily use or disclose your personal information include contacting you regarding other services that we believe may be of interest to you.
We may also use or disclose information where such use or disclosure is permitted by the Australian Privacy Principles. For example, where reasonably necessary to deal with unlawful activity or serious threats to life, health or safety.
Some primary and secondary purposes will require disclosure of your personal information to third parties. Some examples of when this would be required include for the purpose of providing you with services. The likely recipients would be the issuers or operators of financial products or financial services and providers of office and related services to us.
We will require that any third parties to whom we disclose personal information will only use that information for the purposes for which we disclosed it to them and on the basis that they will comply with their privacy obligations.
Data quality and protection
Vistec Software Pty Ltd will take reasonable steps:
-
to make sure all personal information we collect is accurate, complete and up-to-date at all times; and
-
to make sure all personal information we use or disclose is (having regard to the purpose of the use or disclosure) accurate, complete up-to-date and relevant at all times.
We will also take reasonable steps to protect your personal information from misuse, interference and loss, and from unauthorised access, modification and disclosure. Once your personal information is no longer required by us, we will take reasonable steps to destroy or permanently de-identify that personal information, except in circumstances where we are required by law to retain it.
Access and correction
If you think the personal information Vistec Software Pty Ltd holds about you is not accurate, complete or up-to-date, you should let us know. Also, please let us know any relevant changes to your personal circumstances as soon as possible.
We will take reasonable steps to correct information where you provide sufficient evidence or we are otherwise satisfied, having regard for the purpose for which the information is held, that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading. We will also notify the correction to other parties to whom we have previously disclosed the information and if such a party refuses to make a correction, we will notify you of that refusal and how you can make a complaint.
If you require access to personal information we hold about you, please send us an email to contact@vistec.com.au We will generally allow access, unless certain exceptions apply under the Australian Privacy Principles – for example, if we reasonably consider providing access would pose a serious threat to the life, health or safety of any person, or providing access would be likely to prejudice action being taken by an enforcement body, or providing access would be unlawful.
Your request should specify the information to which you require access or which you wish to be corrected. We will keep a record of your request for and the manner in which it was dealt with.
We will not charge you for requesting access to, or correction of, your personal information. We may, however, charge you the costs associated with meeting your request for access, for example photocopying and postage costs.
We are required to respond to your request for access or correction within a reasonable period, but will aim to do so within 2 business days, of receipt of your request.
We will provide you with access in the manner you request, if it is reasonable and practicable to do so.
If we cannot meet your request for access or correction, we will notify you by email and where reasonable we will give you our reason and take steps to provide you with access. We will also tell you about how you can complain about our decision.
Anonymity
You can contact us anonymously or by using a pseudonym. However, being unable to identify you will limit the services The Vistec Software Pty Ltd can provide you and there may be specific cases where we are prevented by law from dealing with you unless we identify you.
Data Breach
Should a data breach occur, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) of the data breaches that are likely to result in serious harm within 30 days of the breach event.
The factors which might contribute to a reasonable person thinking “serious harm” might have occurred include:
-
The sensitivity of the information;
-
Whether the information was encrypted;
-
Whether the information was in a secure file;
-
How likely it is that the security could be breached; or
-
The identity of the person who obtained the information, whether they intend to cause harm to the affected person and the nature of the harm.
Complaints and further information
If you would like further information about how we handle your personal information, please send us an email to contact@vistec.com.au.
If you wish to make a complaint in relation to privacy, including a breach of the Australian Privacy Principles, please put your concerns in writing contact@vistec.com.au
Vistec Software Pty Ltd will investigate your complaint and respond to your concerns as quickly as possible and within 45 days.
Policy review
This policy will be reviewed at least annually.
As at 1st April 2024